HackerLangs
TopNewTrendsCommentsPastAskShowJobs

arsome

2,543 karmajoined قبل 7 سنوات

comments

arsome
·قبل 9 أيام·discuss
Have you considered being less puritanical about these requirements? Surely there would still be strong benefits for many users on other devices which would only be able to run if these were relaxed.
arsome
·قبل شهرين·discuss
I think it's more about convenience and bypassing filters - developers are already logged in to github, already have access to create repos and publish code, firewalls will allow it. Even fancy HIDS systems will think the git push is rather normal.

If they have a clue, the attacker still will not download that without using a botnet tunnel or Tor at a minimum.

Note though that these credentials aren't even encrypted using some lightweight ECC to prevent others from capturing them, they're posted in cleartext. Embarassment might be part of the point.
arsome
·قبل 3 أشهر·discuss
This gets even more involved when you consider things like loading libraries, there's also the impact of calls like OpenProcess/WriteProcessMemory/CreateRemoteThread (Windows-land versions, though I'm sure similar exists elsewhere).

The "good" Windows firewalls like Outpost and Zone Alarm used to have features to catch this, they'd detect when a process tried to invoke or open a running process which had internet access. They'd also do things like detect when a process tried to write a startup item. This went by names like "Leak Control" but it was basically providing near-complete HIDS features with local control.
arsome
·قبل 4 أشهر·discuss
If you're moving those kind of speeds you're probably not doing packet filtering in software.
arsome
·قبل 5 أشهر·discuss
Headscale also offers a relay server of its own.
arsome
·قبل 8 أشهر·discuss
Very quickly you'll find this doesn't work. Your DC will just null your IP. You'll switch to a new one and the attackers will too, the DC will null that one. You won't win at this game unless you're a very sizeable organization or are just willing to wait the attackers out, they will get bored eventually.
arsome
·قبل 8 أشهر·discuss
One of these things is much easier to burn or otherwise tamper with.
arsome
·قبل 11 شهرًا·discuss
This seems absolutely silly, it's not hard to take a photo of a photo and there's both analog (building a lightbox) and digital (modifying the sensor input) means which would make this entirely trivial to spoof.
arsome
·قبل 3 سنوات·discuss
You could probably just implement this in software on a side monitor even...
arsome
·قبل 3 سنوات·discuss
Real-time AV scanning is useless against even a cheap (<$10) packer though. Sure, they'll update their definitions and find it eventually, but if it doesn't have a definition for it now, having a definition for it later simply doesn't matter, the damage is done. I'd argue you're actually better to run it through something like VirusTotal where they'll have a larger assessment from many scanners and sandboxing tools to increase the odds of catching something compared to real-time scans with 1 AV.
arsome
·قبل 3 سنوات·discuss
It's interesting too because AV feels somewhat less useful than ever - we're not in the days of common worms flying around the internet anymore, we're in the days of script kiddies using commercial "FUD packers" to bypass most AV scanners with their password and token stealers so they can resell the accounts.

Tools like that are basically hit-and-run and they don't need to stick around to do lasting damage.
arsome
·قبل 3 سنوات·discuss
Seems to be working for me still, though I set the GPO back on Win10 and it carried over to Win11 through an upgrade. I see some reports of needing to disable tamper protection first but should still work.
arsome
·قبل 4 سنوات·discuss
Syncthing is really key, no need to pay for photo sync services, just send it to your Nas or desktop, no need to pay for password managers, just sync it, no need to pay for notetaking apps or todo apps, just sync Obsidian or Joplin.
arsome
·قبل 4 سنوات·discuss
I was going to try TailScale but then it seemed the only option to do so as an individual was to login with a 3rd party cloud provider, which I in no way want tied into my networks.

I gave up and just setup wireguard directly instead, I don't trust Tailscale either if that's their attitude towards privacy, it's permanently marred my vision of their product.
arsome
·قبل 5 سنوات·discuss
Eh... take a look at some of the shit that was reported in the lawsuits, seems a lot worse than mis-interpreted "ribbing".